package com.cnpinxi.core.filter;

import com.cnpinxi.def.Constant;
import org.springframework.http.HttpStatus;
import org.springframework.web.filter.OncePerRequestFilter;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;


/**
 * 登录过滤器 <功能详细描述>
 * 
 * @author chenlujun
 * @version [版本号, 2014年10月11日]
 * @see [相关类/方法]
 * @since [产品/模块版本]
 */
public class AdminSessionFilter extends OncePerRequestFilter {

	/** 登录验证过滤器 */

	@Override
	protected void doFilterInternal(HttpServletRequest request,
			HttpServletResponse response, FilterChain filterChain)
			throws ServletException, IOException {
		// 不过滤的uri
		String[] notFilter = new String[] { "/static",
				"/user"};
		String[] filter = new String[] { "/admin",
				 };
 	/*String agent = request.getHeader("user-agent");
		System.out.println("in filter====================?????>>>>>>>>>>>>"+agent);
		if (agent.indexOf("Mobile")>0){
			System.out.println("this is mobile");
		}*/
		// 请求的uri
		String uri = request.getRequestURI();
		System.out.println("uri:"+uri.toString());
		// 是否过滤
		boolean doFilter = true;

		for (String s : filter) {
			if (uri.indexOf(s) == -1) {
				// 如果uri中包含不过滤的uri，则不进行过滤
				doFilter = false;
				break;
			}
		}


		for (String s : notFilter) {
			if (uri.indexOf(s) != -1) {
				// 如果uri中包含不过滤的uri，则不进行过滤
				doFilter = false;
				break;
			}
		}


		if (doFilter) {
			// 执行过滤
			// 从session中获取登录者实体
			Object obj = request.getSession().getAttribute(
					Constant.SESSION_KEY_ADMDIN_USER_LOGIN);
			if (null == obj) {
				logger.info("sessionID is null");
				boolean isAjaxRequest = isAjaxRequest(request);
				if (isAjaxRequest) {
					logger.info("this is ajax!");
					response.setCharacterEncoding("UTF-8");
					response.sendError(HttpStatus.UNAUTHORIZED.value(),
							"您已经太长时间没有操作,请刷新页面");
					return;
				}
				response.getWriter().print("<html><script type='text/JavaScript'> top.location.href='"+this.getServletContext().getContextPath()+"/admin/user/gotoLogin.html"+"'</script></html>");
				response.setContentType("text/html");
				return;
			} else {
				// 如果session中存在登录者实体，则继续
				filterChain.doFilter(request, response);
			}
		} else {
			// 如果不执行过滤，则继续
			filterChain.doFilter(request, response);
		}
	}

	/**
	 * 判断是否为Ajax请求 <功能详细描述>
	 * 
	 * @param request
	 * @return 是true, 否false
	 * @see [类、类#方法、类#成员]
	 */
	public static boolean isAjaxRequest(HttpServletRequest request) {
		String header = request.getHeader("X-Requested-With");
		if (header != null && "XMLHttpRequest".equals(header))
			return true;
		else
			return false;
	}

}
